diff --git a/cluster/apps/data/bookstack/helm-release.yaml b/cluster/apps/data/bookstack/helm-release.yaml index d8f92c3f9..83a79008a 100644 --- a/cluster/apps/data/bookstack/helm-release.yaml +++ b/cluster/apps/data/bookstack/helm-release.yaml @@ -50,7 +50,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/data/forecastle/helm-release.yaml b/cluster/apps/data/forecastle/helm-release.yaml index 9aae1f00b..a26c94ced 100644 --- a/cluster/apps/data/forecastle/helm-release.yaml +++ b/cluster/apps/data/forecastle/helm-release.yaml @@ -29,8 +29,10 @@ spec: - networking ingress: enabled: true + ingressClassName: "nginx" annotations: - kubernetes.io/ingress.class: "traefik" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd hosts: diff --git a/cluster/apps/data/freshrss/helm-release.yaml b/cluster/apps/data/freshrss/helm-release.yaml index acbf555d5..5f73b7117 100644 --- a/cluster/apps/data/freshrss/helm-release.yaml +++ b/cluster/apps/data/freshrss/helm-release.yaml @@ -37,7 +37,7 @@ spec: main: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" forecastle.stakater.com/appName: "FreshRSS" diff --git a/cluster/apps/data/joplin-server/helm-release.yaml b/cluster/apps/data/joplin-server/helm-release.yaml index dcd44b789..8641b0158 100644 --- a/cluster/apps/data/joplin-server/helm-release.yaml +++ b/cluster/apps/data/joplin-server/helm-release.yaml @@ -46,9 +46,8 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: - kubernetes.io/ingress.class: "traefik" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: - host: joplin.${SECRET_CLUSTER_DOMAIN} diff --git a/cluster/apps/data/pgadmin/helm-release.yaml b/cluster/apps/data/pgadmin/helm-release.yaml index 9dad09c70..70a79a4ca 100644 --- a/cluster/apps/data/pgadmin/helm-release.yaml +++ b/cluster/apps/data/pgadmin/helm-release.yaml @@ -28,8 +28,10 @@ spec: password: ${SECRET_PGADMIN_PASSWORD} ingress: enabled: true + ingressClassName: "nginx" annotations: - kubernetes.io/ingress.class: "traefik" + nginx.ingress.kubernetes.io/client-body-buffer-size: "50m" + nginx.ingress.kubernetes.io/proxy-body-size: "50m" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-medium@kubernetescrd forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/data/recipes/helm-release.yaml b/cluster/apps/data/recipes/helm-release.yaml index a85b6865e..3010bbcd1 100644 --- a/cluster/apps/data/recipes/helm-release.yaml +++ b/cluster/apps/data/recipes/helm-release.yaml @@ -52,8 +52,9 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/client-body-buffer-size: "10m" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-small@kubernetescrd forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/data/resilio-sync/statefulset.yaml b/cluster/apps/data/resilio-sync/statefulset.yaml index 737f0b51a..3f79ef8c4 100644 --- a/cluster/apps/data/resilio-sync/statefulset.yaml +++ b/cluster/apps/data/resilio-sync/statefulset.yaml @@ -206,7 +206,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - kubernetes.io/ingress.class: "traefik" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" forecastle.stakater.com/appName: "Resilio Sync" @@ -218,6 +217,7 @@ metadata: name: resilio-sync namespace: data spec: + ingressClassName: "nginx" rules: - host: resilio-sync-claude.${SECRET_CLUSTER_DOMAIN} http: diff --git a/cluster/apps/data/sharry/helm-release.yaml b/cluster/apps/data/sharry/helm-release.yaml index 9148533d1..d8f1c84d0 100644 --- a/cluster/apps/data/sharry/helm-release.yaml +++ b/cluster/apps/data/sharry/helm-release.yaml @@ -43,8 +43,11 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/client-body-buffer-size: "2048m" + nginx.ingress.kubernetes.io/proxy-body-size: "2048m" + nginx.ingress.kubernetes.io/proxy-buffering: "off" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-large@kubernetescrd forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/data/vaultwarden/helm-release.yaml b/cluster/apps/data/vaultwarden/helm-release.yaml index ec3214905..590484743 100644 --- a/cluster/apps/data/vaultwarden/helm-release.yaml +++ b/cluster/apps/data/vaultwarden/helm-release.yaml @@ -44,7 +44,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/data/vikunja/helm-release.yaml b/cluster/apps/data/vikunja/helm-release.yaml index 3d05c105a..5f46c06b0 100644 --- a/cluster/apps/data/vikunja/helm-release.yaml +++ b/cluster/apps/data/vikunja/helm-release.yaml @@ -60,7 +60,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/data/wallabag/helm-release.yaml b/cluster/apps/data/wallabag/helm-release.yaml index ccd192ab7..1c9bffddf 100644 --- a/cluster/apps/data/wallabag/helm-release.yaml +++ b/cluster/apps/data/wallabag/helm-release.yaml @@ -45,7 +45,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/development/docker-registry/helm-release.yaml b/cluster/apps/development/docker-registry/helm-release.yaml index 5e3e86fd8..f96c005d3 100644 --- a/cluster/apps/development/docker-registry/helm-release.yaml +++ b/cluster/apps/development/docker-registry/helm-release.yaml @@ -32,7 +32,10 @@ spec: ingress: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/proxy-body-size: "0" + nginx.ingress.kubernetes.io/proxy-read-timeout: "600" + nginx.ingress.kubernetes.io/proxy-send-timeout: "600" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-large@kubernetescrd hosts: diff --git a/cluster/apps/development/drone/helm-release.yaml b/cluster/apps/development/drone/helm-release.yaml index 90f256f07..ac7d30cba 100644 --- a/cluster/apps/development/drone/helm-release.yaml +++ b/cluster/apps/development/drone/helm-release.yaml @@ -41,7 +41,7 @@ spec: ingress: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: - host: drone.${SECRET_CLUSTER_DOMAIN} diff --git a/cluster/apps/development/gitea/helm-release.yaml b/cluster/apps/development/gitea/helm-release.yaml index a70fb4ffa..9858c6dcd 100644 --- a/cluster/apps/development/gitea/helm-release.yaml +++ b/cluster/apps/development/gitea/helm-release.yaml @@ -27,7 +27,7 @@ spec: ingress: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: - host: "gitea.${SECRET_CLUSTER_DOMAIN}" diff --git a/cluster/apps/home-automation/emqx/helm-release.yaml b/cluster/apps/home-automation/emqx/helm-release.yaml index 5098980f2..014580210 100644 --- a/cluster/apps/home-automation/emqx/helm-release.yaml +++ b/cluster/apps/home-automation/emqx/helm-release.yaml @@ -30,7 +30,7 @@ spec: dashboard: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" path: / hosts: diff --git a/cluster/apps/home-automation/frigate/helm-release.yaml b/cluster/apps/home-automation/frigate/helm-release.yaml index 04eb50be0..b4b301b2a 100644 --- a/cluster/apps/home-automation/frigate/helm-release.yaml +++ b/cluster/apps/home-automation/frigate/helm-release.yaml @@ -24,7 +24,9 @@ spec: main: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd hosts: diff --git a/cluster/apps/home-automation/home-assistant/helm-release.yaml b/cluster/apps/home-automation/home-assistant/helm-release.yaml index 2d2776f2d..858253a4e 100644 --- a/cluster/apps/home-automation/home-assistant/helm-release.yaml +++ b/cluster/apps/home-automation/home-assistant/helm-release.yaml @@ -44,7 +44,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: @@ -86,7 +86,7 @@ spec: - "/config/.vscode" ingress: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: diff --git a/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml b/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml index 610f04b03..5fedade1e 100644 --- a/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml +++ b/cluster/apps/home-automation/zigbee2mqtt/helm-release.yaml @@ -69,8 +69,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd hosts: diff --git a/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml b/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml index 3c7f09dd4..27dca5921 100644 --- a/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml +++ b/cluster/apps/home-automation/zwavejs2mqtt/helm-release.yaml @@ -28,8 +28,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd hosts: diff --git a/cluster/apps/kasten-io/k10/helm-release.yaml b/cluster/apps/kasten-io/k10/helm-release.yaml index 90536fb45..2f26c00e9 100644 --- a/cluster/apps/kasten-io/k10/helm-release.yaml +++ b/cluster/apps/kasten-io/k10/helm-release.yaml @@ -33,17 +33,18 @@ spec: create: true host: "k10.${SECRET_CLUSTER_DOMAIN}" annotations: + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" urlPath: k10 hosts: - "k10.${SECRET_CLUSTER_DOMAIN}" - postRenderers: - - kustomize: - patchesJson6902: - - target: - kind: Ingress - name: k10-ingress - patch: - - op: add - path: /spec/ingressClassName - value: traefik + # postRenderers: + # - kustomize: + # patchesJson6902: + # - target: + # kind: Ingress + # name: k10-ingress + # patch: + # - op: add + # path: /spec/ingressClassName + # value: traefik diff --git a/cluster/apps/media/bazarr/helm-release.yaml b/cluster/apps/media/bazarr/helm-release.yaml index aadfa97a8..46ca456b3 100644 --- a/cluster/apps/media/bazarr/helm-release.yaml +++ b/cluster/apps/media/bazarr/helm-release.yaml @@ -50,8 +50,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd hosts: diff --git a/cluster/apps/media/flood/helm-release.yaml b/cluster/apps/media/flood/helm-release.yaml index d87bcab10..eec25fd9d 100644 --- a/cluster/apps/media/flood/helm-release.yaml +++ b/cluster/apps/media/flood/helm-release.yaml @@ -36,7 +36,9 @@ spec: main: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/jellyfin/helm-release.yaml b/cluster/apps/media/jellyfin/helm-release.yaml index b47de4d46..f56a39c96 100644 --- a/cluster/apps/media/jellyfin/helm-release.yaml +++ b/cluster/apps/media/jellyfin/helm-release.yaml @@ -53,7 +53,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/lidarr/helm-release.yaml b/cluster/apps/media/lidarr/helm-release.yaml index 9eb3380de..78c3c68fa 100644 --- a/cluster/apps/media/lidarr/helm-release.yaml +++ b/cluster/apps/media/lidarr/helm-release.yaml @@ -31,8 +31,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd forecastle.stakater.com/expose: "true" @@ -46,7 +48,7 @@ spec: pathType: Prefix api: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: diff --git a/cluster/apps/media/lychee/helm-release.yaml b/cluster/apps/media/lychee/helm-release.yaml index 20a3ec28a..499ed47e9 100644 --- a/cluster/apps/media/lychee/helm-release.yaml +++ b/cluster/apps/media/lychee/helm-release.yaml @@ -34,7 +34,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/navidrome/helm-release.yaml b/cluster/apps/media/navidrome/helm-release.yaml index f34da9098..f65310411 100644 --- a/cluster/apps/media/navidrome/helm-release.yaml +++ b/cluster/apps/media/navidrome/helm-release.yaml @@ -31,7 +31,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/prowlarr/helm-release.yaml b/cluster/apps/media/prowlarr/helm-release.yaml index 8a923f492..6dc6246a7 100644 --- a/cluster/apps/media/prowlarr/helm-release.yaml +++ b/cluster/apps/media/prowlarr/helm-release.yaml @@ -35,8 +35,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/pyload/helm-release.yaml b/cluster/apps/media/pyload/helm-release.yaml index 0d8164739..8a9b32aee 100644 --- a/cluster/apps/media/pyload/helm-release.yaml +++ b/cluster/apps/media/pyload/helm-release.yaml @@ -46,7 +46,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/qbittorrent/helm-release.yaml b/cluster/apps/media/qbittorrent/helm-release.yaml index 6a6f26e03..cbb899628 100644 --- a/cluster/apps/media/qbittorrent/helm-release.yaml +++ b/cluster/apps/media/qbittorrent/helm-release.yaml @@ -63,7 +63,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/radarr/helm-release.yaml b/cluster/apps/media/radarr/helm-release.yaml index ab0145b0e..f7a018703 100644 --- a/cluster/apps/media/radarr/helm-release.yaml +++ b/cluster/apps/media/radarr/helm-release.yaml @@ -31,8 +31,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd forecastle.stakater.com/expose: "true" @@ -46,7 +48,7 @@ spec: pathType: Prefix api: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: diff --git a/cluster/apps/media/sabnzbd/helm-release.yaml b/cluster/apps/media/sabnzbd/helm-release.yaml index a97e7bf7b..e6a09ed1d 100644 --- a/cluster/apps/media/sabnzbd/helm-release.yaml +++ b/cluster/apps/media/sabnzbd/helm-release.yaml @@ -31,7 +31,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd @@ -46,7 +46,7 @@ spec: pathType: Prefix api: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" nameSuffix: "api" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" diff --git a/cluster/apps/media/sonarr/helm-release.yaml b/cluster/apps/media/sonarr/helm-release.yaml index 08f224fb1..ebb116648 100644 --- a/cluster/apps/media/sonarr/helm-release.yaml +++ b/cluster/apps/media/sonarr/helm-release.yaml @@ -31,8 +31,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd forecastle.stakater.com/expose: "true" @@ -46,7 +48,7 @@ spec: pathType: Prefix api: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: diff --git a/cluster/apps/media/tdarr/helm-release.yaml b/cluster/apps/media/tdarr/helm-release.yaml index cd2af7817..25eb7ecfc 100644 --- a/cluster/apps/media/tdarr/helm-release.yaml +++ b/cluster/apps/media/tdarr/helm-release.yaml @@ -62,8 +62,10 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/media/travelstories/deployment.yaml b/cluster/apps/media/travelstories/deployment.yaml index f01f92267..985248efc 100644 --- a/cluster/apps/media/travelstories/deployment.yaml +++ b/cluster/apps/media/travelstories/deployment.yaml @@ -79,7 +79,9 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd, networking-buffering-small@kubernetescrd forecastle.stakater.com/expose: "true" diff --git a/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml b/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml index 9d1b8c7ad..7ced07246 100644 --- a/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml +++ b/cluster/apps/monitoring/blackbox-exporter/helm-release.yaml @@ -87,7 +87,9 @@ spec: ingress: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd hosts: diff --git a/cluster/apps/monitoring/healthchecks/helm-release.yaml b/cluster/apps/monitoring/healthchecks/helm-release.yaml index 11203c021..84ba00b4b 100644 --- a/cluster/apps/monitoring/healthchecks/helm-release.yaml +++ b/cluster/apps/monitoring/healthchecks/helm-release.yaml @@ -61,7 +61,7 @@ spec: ingress: main: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: diff --git a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml index 635ba4af2..00103cbb7 100644 --- a/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml +++ b/cluster/apps/monitoring/kube-prometheus-stack/helm-release.yaml @@ -33,7 +33,9 @@ spec: enabled: true pathType: Prefix annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd hosts: ["alert-manager.${SECRET_CLUSTER_DOMAIN}"] @@ -195,7 +197,7 @@ spec: enabled: true pathType: Prefix annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: ["grafana.${SECRET_CLUSTER_DOMAIN}"] kubeEtcd: @@ -211,7 +213,9 @@ spec: enabled: true pathType: Prefix annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd hosts: ["prometheus.${SECRET_CLUSTER_DOMAIN}"] diff --git a/cluster/apps/monitoring/thanos/helm-release.yaml b/cluster/apps/monitoring/thanos/helm-release.yaml index e1b6bfbf7..2f4b81cfb 100644 --- a/cluster/apps/monitoring/thanos/helm-release.yaml +++ b/cluster/apps/monitoring/thanos/helm-release.yaml @@ -29,7 +29,9 @@ spec: enabled: true hostname: "thanos.${SECRET_CLUSTER_DOMAIN}" annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/auth-url: "http://authelia.networking.svc.cluster.local./api/verify" + nginx.ingress.kubernetes.io/auth-signin: "https://login.${SECRET_CLUSTER_DOMAIN}/" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-forward-auth@kubernetescrd tls: false diff --git a/cluster/apps/monitoring/uptime-kuma/statefulset.yaml b/cluster/apps/monitoring/uptime-kuma/statefulset.yaml index 225b37b90..6bb9c7041 100644 --- a/cluster/apps/monitoring/uptime-kuma/statefulset.yaml +++ b/cluster/apps/monitoring/uptime-kuma/statefulset.yaml @@ -68,7 +68,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" labels: app.kubernetes.io/instance: uptime-kuma diff --git a/cluster/apps/networking/authelia/deployment.yaml b/cluster/apps/networking/authelia/deployment.yaml index 644cb08bf..fa7219f9b 100644 --- a/cluster/apps/networking/authelia/deployment.yaml +++ b/cluster/apps/networking/authelia/deployment.yaml @@ -91,7 +91,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" labels: app.kubernetes.io/instance: authelia diff --git a/cluster/apps/networking/authentik/helm-release.yaml b/cluster/apps/networking/authentik/helm-release.yaml index 795f56d86..1e5f29eb1 100644 --- a/cluster/apps/networking/authentik/helm-release.yaml +++ b/cluster/apps/networking/authentik/helm-release.yaml @@ -23,7 +23,7 @@ spec: ingress: enabled: true - ingressClassName: "traefik" + ingressClassName: "nginx" annotations: traefik.ingress.kubernetes.io/router.entrypoints: "websecure" hosts: diff --git a/cluster/apps/networking/unifi/helm-release.yaml b/cluster/apps/networking/unifi/helm-release.yaml index cc4232d78..3d7e6016c 100644 --- a/cluster/apps/networking/unifi/helm-release.yaml +++ b/cluster/apps/networking/unifi/helm-release.yaml @@ -32,7 +32,7 @@ spec: ingress: enabled: true annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" traefik.ingress.kubernetes.io/router.middlewares: networking-buffering-medium@kubernetescrd hosts: diff --git a/cluster/core/rook-ceph/dashboard/ingress.yaml b/cluster/core/rook-ceph/dashboard/ingress.yaml index db5f36c75..ee673987b 100644 --- a/cluster/core/rook-ceph/dashboard/ingress.yaml +++ b/cluster/core/rook-ceph/dashboard/ingress.yaml @@ -5,7 +5,7 @@ metadata: name: rook-ceph-mgr-dashboard namespace: rook-ceph annotations: - kubernetes.io/ingress.class: "traefik" + kubernetes.io/ingress.class: "nginx" traefik.ingress.kubernetes.io/router.entrypoints: "websecure" labels: app.kubernetes.io/instance: rook-ceph-mgr-dashboard